Back to skill

Security audit

Workflow DAG Validator / 工作流 DAG 验证器

Security checks across malware telemetry and agentic risk

Overview

This is a small DAG validation skill with no executable payload or install script, but users should review any advertised auto-fix changes before applying them.

Install only if you are comfortable letting the agent inspect DAG/workflow files. Treat any auto-fix feature as code modification: use a branch or backup, ask for a patch/diff first, and confirm where reports are written before using it in CI or production repositories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill advertises a 'one-click auto-fix' capability for DAG dependency issues without any warning, confirmation step, or description of how workflow definitions may be modified. In workflow infrastructure, automatic edits can silently change execution order, dependencies, or parameters, creating operational and security risk if users assume the tool is read-only validation.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
Repeating the one-click auto-fix claim in the pricing section reinforces a potentially unsafe expectation that code/configuration changes can be applied automatically without highlighting the risks. Because DAGs control production workflows, unreviewed automatic patching can alter task dependencies or behavior and cause outages, incorrect processing, or deployment of unsafe workflow logic.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.